VYPR

Go modules package

github.com/jptosso/coraza-waf

pkg:golang/github.com/jptosso/coraza-waf

Vulnerabilities (1)

  • CVE-2025-29914MedMar 20, 2025
    affected < 3.3.3fixed 3.3.3

    OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUEST_FILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUE